A rising number of Japanese are discovering that millions of yen have disappeared from their bank accounts. They are victims of a new and rapidly growing type of cash card fraud called skimming.

Skimming involves stealing the data contained in the magnetic strip of a cash card by swiping it through a small electronic device. The stolen data are used to make a counterfeit card that can withdraw cash from the victim's account at an automatic teller machine (ATM).

One group of suspected offenders recently arrested by police in Tokyo and other prefectures in the metropolitan area took advantage of the fact that many golfers use the PIN code for their cash cards as the number for their security lockers at golf clubs.

The suspects allegedly obtained the master key from the manager of a golf course to open the security lockers. They then stole crucial data from the cash cards inside with a skimming device and later produced fraudulent cards, according to police.

Cash card fraud has been rising sharply in recent years, according to the Japanese Bankers Association. The number of reported cases jumped from just four in fiscal 2002 to 91 in 2003. In the first half of the current fiscal year, as many as 122 cases were disclosed for a total damage of 460 million yen, according to the association.

While this is obviously a serious problem threatening to undermine public faith in the safety of bank deposits, Japanese financial institutions have been slow to respond. Banks are lukewarm about dealing with this new wave of crime because they think they are not liable for the damage caused by these schemes.

Initially, the banking industry was even unwilling to file police reports on these fraud cases. The banks agreed to report skimming incidents to police in June last year, but they are still very cautious about compensating victims for their losses.

Frustrated individual victims have sued the banks for damages or forged alliances for such litigation. Meanwhile, worried depositors have started dispersing the risks by spreading their deposits over many bank accounts.

Clearly, steps must be taken to prevent further confusion and anxiety among depositors. The Financial Services Agency has decided to study the situation and work out policy responses by the end of February. Prompt action by the authorities is now urgently needed.

Possible measures include new legislation to obligate banks to pay compensation for losses from cash card fraud if the victims are free from fault. The banking industry can establish self-imposed rules for compensation in such cases.

The U.S. law requires banks to provide nearly full compensation to card fraud victims as long as they report the theft or loss of their cards to the banks within a certain period of time.

In Britain and Germany, there are self-imposed rules mandating banks to cover the better part of the damage from card fraud on condition that there has been no serious negligence on the part of the victims.

There are a number of things banks can do without waiting for new legislation or rules. They can, for instance, switch from cards with a magnetic strip to smart cards with a built-in chip that are harder to forge.

They can also introduce a new verification system based on cardholders' biological data, like palm vein patterns, or simply lower the maximum amount that can be withdrawn from ATMs.

Some banks will adopt or have already adopted such new security steps, although some are subject to the depositor's choice.

One thing that is certain now is that more depositors will pay serious attention to banks' security efforts in deciding where to park their savings.